Method for securely connecting a watch to a remote server

ABSTRACT

A method for securely connecting a watch to a remote server of a service provider including the following steps: authenticating the wearer of the watch authorizing access to use the functions of this watch, and selecting one of the functions from an input interface of the watch aiming at establishing a connection between the watch and the remote server; identifying the wearer of the watch from at least one biometric information element included in a portion of this wearer&#39;s skin; transmitting to the remote server an authentication element relating to the selected function once the wearer is identified, and carrying out an authentication of the wearer by the remote server from the authentication element in order to authorize an exchange of data between the watch and this remote server.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims priority to European Patent Application No.19214192.7 filed on Dec. 6, 2019, the entire disclosure of which ishereby incorporated herein by reference.

TECHNICAL FIELD

The present invention relates to a method for securely connecting awatch to a remote server and a system implementing such a method.

The invention also relates to a computer program.

PRIOR ART

A watch comprises a set of functions that can be used by the wearer.Such functions can allow access to remote servers implementing serviceprovisions such as banking provisions, commercial provisions (onlineshops, e-commerce companies), electronic messaging or instant messagingprovisions. In such a context, the wearer of the watch must manage andstore an increasing number of identifiers, passwords and access codeswhich are authentication elements. Such authentication elements areoften to be worn by the wearer when they must initiate a connection to aremote server in order to benefit from a service provision. For thispurpose, it is common that the wearer, failing to memorise all theseconfidential data, prefers to group them together on paper or else in astandard computer file of the spreadsheet type archived on mediaallowing the storage of digital data, whether hard disks, flash memory,a USB key, etc. This situation has the disadvantage that thedocuments/files containing these authentication elements can be storedin an environment with little or no protection. This introduces asignificant security flaw in the management of authentication elements.

Under these conditions, it is understood that there is a need to find analternative solution, in particular which does not have thedisadvantages of the prior art.

SUMMARY OF THE INVENTION

A purpose of the present invention is therefore to provide a method forsecurely connecting a watch to a remote server which is reliable androbust.

To this end, the invention relates to a method for securely connecting awatch to a remote server of a service provider including the followingsteps:

-   -   authenticating the wearer of the watch authorising access to use        the functions of this watch, and    -   selecting one of said functions from an input interface of said        watch aiming at establishing a connection between said watch and        the remote server;    -   identifying the wearer of the watch from at least one biometric        information element comprised in a portion of this wearers skin;    -   transmitting to the remote server an authentication element        relating to the selected function once the wearer is identified,        and    -   carrying out an authentication of the wearer by the remote        server from said authentication element in order to authorise an        exchange of data between the watch and this remote server.

In other embodiments:

-   -   the transmission step comprises a sub-step of selecting the        authentication element relating to said selected function in        anticipation of its sending to the remote server, among the        authentication elements archived in the memory elements of the        processing unit of the watch;    -   the step of carrying out an authentication comprises a sub-step        of comparison between the authentication element received from        the watch and a reference authentication element archived in the        server;    -   the identification step comprises a sub-step of acquiring by at        least one multispectral biometric skin sensor comprised in the        watch, a plurality of images of a portion of the wearer's skin        adjacent to said sensor, said images comprising said at least        one biometric information element comprised in this skin        portion;    -   the identification step comprises a sub-step of generating a        digital identification element from said at least one biometric        information element comprised in the acquired images of the skin        portion;    -   the identification step comprises a sub-step of validating a        digital identification element generated in anticipation of the        identification of the wearer;    -   the biometric information element is related to a vascular        network or to a texture of this skin.

The invention also relates to a system for securely connecting a watchto a remote server implementing such a method, the watch comprising thefollowing elements connected together: a processing unit, amultispectral biometric skin sensor, an input interface, an interfacefor broadcasting a visual piece of information and a wirelesscommunication interface for data exchanges with said remote server.

-   -   The invention also relates to a computer program comprising        program code instructions for executing the steps of this method        when said program is executed by the processing units of a watch        and of a remote server.

BRIEF DESCRIPTION OF THE FIGURES

Other features and advantages will emerge clearly from the descriptionwhich is given below, in an indicative and non-limiting manner, withreference to the appended figures, wherein:

FIG. 1 is a schematic representation of a system for securely connectinga watch to a remote server, according to one embodiment of theinvention, and

FIG. 2 is a flowchart relating to a method for securely connecting thewatch to the remote server, according to the embodiment of theinvention.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 shows a system 1 for securely connecting a watch to a remoteserver 200. In this system 1, the watch 100 is preferably a mechanicalwatch 100 connected to a hybrid display. In this context, the watch 100comprises a body such as a watch case, and an attachment element such asa wristlet allowing to fasten this body, for example to the wrist of thewearer. This watch 100 more specifically comprises in a non-limitingand/or non-exhaustive manner:

-   -   a processing unit 2 including hardware and software resources,        in particular at least one processor cooperating with memory        elements 6;    -   an interface for broadcasting a visual piece of information 3        such as a hybrid display dial provided with a first analogue        display component and a second digital and/or alphanumeric        display component;    -   an interface for broadcasting an audio piece of information 4        such as a loudspeaker;    -   a wireless communication interface 5 (for example cellular, WLAN        Bluetooth, etc.);    -   an input interface 34 such as a keyboard or even a touch        interface comprised for example in the interface for        broadcasting a visual piece of information 3, and    -   a multispectral skin biometric sensor 33 comprising at least one        photographic sensor 26, at least one multispectral illumination        source 27 and at least one thermal image sensor 28, the        illumination source 27 being able to emit light radiation in        wavelengths comprised between 300 and 1100 nm, in addition this        illumination source 27 can be of the laser type.

In this watch 100, the processing unit 2 is connected, among others, tothe interfaces for broadcasting a visual and sound piece of information3, 4, to the input interface 34 as well as to the wireless communicationinterface 5 and to the multispectral biometric sensor 33. It will alsobe noted that the multispectral biometric sensor 33 is arranged in thebody of the electronic device 100 and/or in the attachment element.

In this system 1, the server 200 comprises a processing unit 210 and acommunication interface 220. This server 200 is a remote server of aservice provider, for example a server of a banking or commercialservice provider (online shops, e-commerce companies), electronicmessaging or instant messaging provisions. In this context, theprocessing unit 210 of this server 200 comprises memory elementsincluding a reference authentication element 32. This referenceauthentication element 32 is capable of participating in the creation ofa secure connection between the remote server 200 and said watch 100 andcan comprise keys, certificates, authentication codes, passwords andpersonal codes, etc.

This watch 100 is capable of ensuring the identity control of theauthenticated wearer discreetly, that is to say without directintervention/interaction of the wearer with this watch 100, so that theycan make a connection to a remote server 200 all the time they wear it.The identification of the wearer is then carried out in a transparentand discreet manner, based on at least one biometric information elementcomprised in the skin of this wearer, such as the vascular network ofthe skin or the texture of this skin. This skin of the wearer whichcovers their body has a particularity, not usually taken into account bythe person skilled in the art because it is not naturally visible to thehuman eye, related to the features of absorption and reflection atdifferent wavelengths (spectrum) of the components of the skin, locatedat different depths. In a simplified model, the skin consists of a layercalled “epidermis”, which is semi-transparent and located on the surfacethen, under the epidermis, of a layer called “dermis” and comprising,among others, the blood vessels (or vascular network) wherein thehaemoglobin is highly reflective at high wavelengths close to red, beingfor example comprised between 760 and 930 nm, which allows here toreveal or show the vascular network of the wearer's skin. In otherwords, the light absorption spectrum of the components of the epidermisand the dermis constituting the skin not being uniform according to theelectromagnetic wavelengths, the appearance and the colour of the skinresult from a complex combination of these phenomena. Thus, when itcomes to showing or revealing a biometric information element such asthe texture of the skin of this wearer, a texture essentially formed ofcracks or cavities, the illumination of the skin can then be ensured byan illumination source restricted to wavelengths around red which tendsto make the shadow phenomenon disappear from the bottom of the cracks.Indeed, there is a retro projection effect by reflection on the dermisand through the epidermis of these wavelengths close to red, while theillumination of the skin by a source of colour spectrum far from red,typically the wavelength band located between violet (400 nm) and up toyellow-orange (600 nm), on the contrary allows to strongly contrastthese cracks in the skin by the appearance of shadows at the bottom ofthese cracks. It should be noted that the identification of a biometricinformation element comprised in the skin can be improved by the use ofthe thermal image sensor 28, preferably without illumination. By way ofexample, for showing the texture of the skin, in particular when theconcerned portion of the skin of this wearer is provided with hair, theuse of the thermal image sensor 28 allows to reveal the cracks of thistexture of the skin which are generally warmer than the surrounding skinand the hair colder than the surrounding skin. Thus, in thisconfiguration, the hair can be thermally distinguished from cracks inthe texture of the skin due to this difference between their respectivetemperatures.

It should be noted that the capture of thermal images can be carried outunder illumination in a given wavelength depending on the biometricinformation element that should be shown or revealed.

It is therefore understood, according to the principle of the invention,that the identification of the wearer is carried out on the basis of atleast one biometric information element comprised in images of a portionof the skin of this wearer which can be illuminated, where appropriate,according to different wavelengths in order to capture images comprisingthe desired biometric information element. Thus, this biometricinformation element, comprised in these images, can be shown by theillumination performed in different wavelengths or without illumination,for example when it comes to capturing thermal images.

In this watch, the memory elements 6 of the processing unit 2 of thewatch 100 comprise data relating to authentication elements 31 specificto each remote server 200 to which the watch 100 is connected. In otherwords, these authentication elements are specific to the wearer and/orto the watch 100, and thus allow the wearer to connect to the server 200he wishes by means of a selection of a function of the watch 100. Thesememory elements 6 also include digital image processing algorithms 29allowing to characterise at least one biometric information elementrelating to the wearer's skin and which is comprised in the imagesrelating to the portion of the wearer's skin. These memory elements 6also include algorithms 30 for generating the reference digitalidentification element but also a digital identification element.

The system 1 is capable of implementing a method for secure connectionto the remote server 200 of a service provider, shown in FIG. 2 . Such aserver 200 of a service provider can be for example a server of bankingor commercial service provider (online shops, e-commerce companies),electronic messaging or instant messaging provisions.

This method comprises a step 9 of authenticating the wearer of the watch100 authorising access to use the functions of this watch 100. Thisauthentication step 9 therefore allows to identify with certainty thewearer of the watch so that he can have access to use all the functionsof this watch 100. In other words, it allows the wearer to provide proofof his identity by providing for the input of an authentication code ora secret code by means of an interaction between the wearer and theinput interface 34.

In addition, it is understood that the functions can be implemented bycomputer programs executed by the processing unit 2 of the watch 100 assoon as these programs are activated/selected following an interactionbetween the wearer and the input interface 34 of this watch 100. Thesecomputer programs thus executed allow the wearer to benefit from serviceprovisions, for example of the banking, commercial type or elseinstantaneous or electronic messaging.

Following this authentication step 9, the method comprises a step 11 ofselecting one of said functions from the input interface 34 of saidwatch 100 aiming at establishing a connection between said watch 100 andthe remote server 200. It will be understood that the functions can beimplemented by computer programs executed by the processing unit 2 ofthe watch 100 as soon as these functions which are displayed on/in theinterface for broadcasting a visual piece of information 3, areactivated/selected after an interaction between the wearer and the inputinterface 34 of this watch 100. These computer programs thus executedallow the wearer to benefit from service provisions for example of thebanking, commercial or else instant or electronic messaging.

The method then comprises a step 12 of identifying the wearer of thewatch 100 from at least one biometric information element comprised in aportion of the wearer's skin. Such a step 12 is carried outsystematically following the selection of a function in order, inparticular, to allow the processing unit 2 to control that the wearer ofthe watch 100 is still in possession of the latter and that they areindeed at the origin of the selection of the function. This step 12comprises a sub-step 13 of acquiring, by the sensor 33, a plurality ofimages of a portion of the wearer's skin, said skin portion beingarranged in an adjacent manner to said sensor 33, said images comprisingsaid at least one biometric information element comprised in this skinportion. This sub-step 13 comprises a phase of illuminating 14 the skinportion according to different wavelengths. More specifically, duringthis phase 14, the processing unit 2 drives the multispectral biometricsensor 33 and in particular the illumination source 27 so that thelatter emits light radiation in the direction of the skin portionaccording to a precise wavelength adapted for showing or revealing saidat least one biometric information element specific to the skin which issought here. Once the illumination has been configured, the acquisitionsub-step 13 comprises a phase 15 of capturing images of this skinportion illuminated at least at one wavelength capable of showing orrevealing said at least one biometric information element. During thisphase 15, the processing unit 2 drives the multispectral biometric skinsensor 33 and in particular the photographic sensor 26 synchronouslywith the activation/deactivation of the illumination source 27 at agiven wavelength in order to capture at least one image relating to theskin portion illuminated for at least one wavelength.

This acquisition sub-step 13 can also comprise a phase 16 of capturingat least one thermal image of the skin portion. Such a phase 16 ispreferably carried out without illumination but in other alternativesilluminating the portion can be carried out at least at one givenwavelength, this is obviously depending on the biometric informationelement that should be shown or revealed. This phase 16 can be carriedout before or after the illumination 14 and image capture 15 phases.

The identification step 12 then comprises a sub-step 17 of generatingthe digital identification element from said at least one biometricinformation element comprised in the acquired images of the skinportion. Such a sub-step 17 comprises a phase 18 of characterising saidbiometric information element comprised in the images relating to saidskin portion. During this phase 18, the processing unit 2 implementsalgorithms 29 for processing acquired images aiming atidentifying/detecting in each of them said at least one biometricinformation element that they comprise. As already mentioned previously,it may be information elements relating, for example, to the texture ofthe skin or to the vascular network comprised in this portion of thewearers skin. The implementation of these algorithms 29, 30 by theprocessing unit 2 can, by way of example, provide for a process ofcutting these images into segments. It is understood here that eachacquired image gives an overall view of the portion of the wearers skin,and then includes areas of varying relevance for the identification ofsaid at least one biometric information element. Such a cutting processparticipates in extracting the segments to be processed and ineliminating the parts not to be processed in these images. Thesealgorithms 29 can then provide an indexing of these image segmentscomprising features relating to said at least one particular biometricinformation element to be identified, by localisation areas in the skinportion, in order to be able to assign to each area the adequateprocessing regarding the morphological typology of the feature of thisgeographical area of the portion. In this context, these algorithms 29process each segment of these images by showing the pieces ofinformation carried by the pixels of each of these images by performingimage analysis operations of the processing, transformation anddetection type. Subsequently, these algorithms 29 perform featurefiltering and extraction or vectorisation operations, in order toconvert the image data relating to said at least one identified andextracted biometric information element, into parametric data, typicallyrelative numerical values expressed for example as an index or as apercentage.

It is understood here that the acquisition of several imagesrepresenting the same skin portion under different illuminations orwithout illumination, helps to improve the precision and efficiency ofthis characterisation phase 18.

Subsequently, the generation sub-step 17 comprises a phase 19 ofdesigning the digital identification element from the characterisationof said at least one biometric information element. During this phase19, the processing unit 2 implements algorithms for generating 30 such adigital identification element specifically provided for the processingof the parametric data obtained during the characterisation phase 18,which parametric data being relating to said at least one biometricinformation element.

Then, the identification step 12 comprises a sub-step 20 of validatingthe digital identification element generated in anticipation of acontrol of the identity of the wearer. This validation sub-step 20comprises a comparison phase 21, implemented by the processing unit 2,between the generated digital identification element and the referencedigital identification element. In this method, the reference digitalidentification element can be created, once the wearer has been dulyauthenticated and their identity is certain, during a step 11 ofdefining this reference digital identification element providingsub-steps similar to the acquisition 13 and generation 17 sub-stepsimplemented during the identification step 12. In this method, once thewearer of the watch 100 is authenticated, the processing unit 2implements this definition step 11 and then performs an archiving of thereference digital identification element obtained in the memory elements6 of the processing unit 2. This reference digital identificationelement can therefore be determined automatically by the processing unit2 or configured by the wearer during an adjustment process aiming atguiding the wearer in defining this reference digital identificationelement.

This comparison phase 21 comprises a sub-phase of rejecting theidentification of the wearer 22 if the generated digital identificationelement is substantially different or different from the referencedigital identification element. In this case, the establishment of theconnection to the remote server is suspended or even removed. Inaddition, access to the watch 100 is also removed and in particular theaccess to the functions of this watch. In this context, the wearer ofthe watch is invited to authenticate themself again in order to provideproof of their identity by inputting an authentication code or a secretcode, by means of an interaction between the wearer and the inputinterface 34. Indeed, the wearer and owner of the watch 100 may nolonger be in possession thereof.

The comparison phase 21 also comprises a sub-phase of successfullyidentifying the wearer if the generated digital identification elementis substantially similar or similar to the reference digitalidentification element. In this case, the method then provides for theimplementation of a step 22 of transmitting to said remote server 200the authentication element relating to the selected function once thewearer is identified. This step 22 comprises a sub-step 23 of selectingthe authentication element relating to said selected function inanticipation of its sending to the remote server 200. During thissub-step 23, the selected function is identified, and on the on thebasis of this identification, a selection of the authentication elementis carried out from the authentication elements archived in the memoryelements 6 of the processing unit 2 of the watch 100. As alreadymentioned previously, the authentication elements 31 may be keys,certificates, authentication codes, passwords and personal codes whichare each dedicated to the authentication of the wearer of the watch 200to the corresponding service provider and therefore to the remote servercomprised in a technical platform of this provider. It is understoodhere that the authentication element is dedicated to authenticating thewearer to a remote server of a given service provider. In addition, theauthentication elements are archived in the memory elements 6 of theprocessing unit 2 of the watch 100, each being associated with a digitalidentification element of a corresponding function.

The method then comprises a step of performing an authentication 24 ofthe wearer by the remote server 200 from said authentication element inorder to authorise an exchange of data between the watch 100 and thisremote server 200. Such a step 24 comprises a comparison sub-step 25,carried out by the processing unit 210 of the server 200, between theauthentication element received from the watch and a referenceauthentication element 32 archived in the server 200. This comparisonsub-step 25 comprises a phase of rejecting the identification of thewearer 22 if the authentication element is significantly different ordifferent from the reference authentication element 32. In this case,the establishment of the connection to the remote server 200 issuspended or even removed.

The comparison sub-step 25 also comprises a phase of successfullyidentifying the wearer if the authentication element is substantiallysimilar or similar to the reference authentication element 32. In thiscontext, an exchange of data between the watch 100 and this remoteserver 200 in connection with the service provision is then authorised.

Thus, the invention allows the wearer and owner of the watch 200 to beable to be authenticated with all the remote servers of the serviceproviders based on only their identification from at least one biometricinformation element comprised in a portion of their skin, without havingto directly enter the authentication element specific to each of theseservers 200 in order to be able to authenticate themself to thecorresponding service provider. It is therefore understood that thisautomatic and non-intrusive identification allows the wearer to be ableto connect their watch to all the remote servers each in connection witha function of the watch relating to a service provision.

The invention also relates to a computer program comprising program codeinstructions for executing steps 10 to 25 of this method when saidprogram is executed by the processing unit 2 of the watch 100.

The invention claimed is:
 1. A method for securely connecting a watch toa remote server of a service provider including the following steps:authenticating the wearer of the watch authorizing access to use thefunctions of said watch, and selecting one of said functions from aninput interface of said watch aiming at establishing a connectionbetween said watch and the remote server; acquiring by at least onemultispectral biometric skin sensor comprised in the watch, a pluralityof images of a portion of the wearer's skin adjacent to said sensorwhile illuminating the skin portion, and at least one thermal image ofthe skin region without illuminating the skin portion, said imagescomprising said at least one biometric information element comprised insaid skin portion; identifying the wearer of the watch from bygenerating a digital identification element from said at least onebiometric information element comprised in the acquired images of theskin portion that include the plurality of images acquired whileilluminating the skin portion and the at least one thermal image of theskin region acquire without illuminating the skin portion, thegenerating including cutting the acquired images into segments,extracting certain segments to be processed and eliminating certainsegments not to be processed; transmitting to said remote server anauthentication element relating to the selected function once the weareris identified, and carrying out an authentication of the wearer by theremote server from said authentication element in order to authorize anexchange of data between the watch and said remote server, wherein thebiometric information element is related to a vascular network or to atexture of this skin.
 2. The method according to claim 1, wherein thetransmitting step comprises a sub-step of selecting the authenticationelement relating to said selected function in anticipation of itssending to the remote server, among the authentication elements archivedin the memory elements of the processing unit of the watch.
 3. Themethod according to claim 1, wherein the step of carrying out anauthentication comprises a sub-step of comparison between theauthentication element received from the watch and a referenceauthentication element archived in the server.
 4. The method accordingto claim 1, wherein the identifying step comprises a sub-step ofvalidating the digital identification element generated in anticipationof the identification of the wearer.
 5. A system for securely connectinga watch to a remote server implementing the method according to claim 1,the watch comprising the following elements connected together: aprocessing unit, a multispectral biometric skin sensor, an inputinterface, an interface for broadcasting a visual piece of informationand a wireless communication interface for data exchanges with saidremote server.
 6. A non-transitory computer-readable medium that storesprogram code instructions for executing the steps of the methodaccording to claim 1 when said instruction are executed by processingcircuitry of a watch and of a remote server.